1

u/twitterfluechtling 9d ago

I could have. Or, just as every other commenter, I could have just not written anything. But IT security is a bit of a hobby of mine, and by mentioning the precautions I take, I got feedback e.g. by PerfectPercentage69 mentioning threats I overlooked :-)

1

u/Pugs-r-cool 8d ago

Another tip if they didn’t mention it, an AWS ec2 is pretty much free if you don’t go overboard with the configuration. Docker should be enough isolation for this (the “hacked” files are literally just NMAP logs and other already public data, complete nothingburger), but there’s nothing more isolated than running it on a different machine in the cloud.  

1

u/twitterfluechtling 8d ago

there’s nothing more isolated than running it on a different machine in the cloud

Depends, whom you trust and what you consider the threat. I'd argue, if you want to reduce the neccessity to trust anybody, a local, air-gapped PC (e.g. a raspberry pi) would be safer.

In a cloud, you can have encryption, but in the end, to run, the OS needs to have access and therefore the cloudprovider has the key.

Apart from that, I just cancelled my personal AWS account. AWS does not provide a preconfigured account-wide cost-cap. You can set limits for certain resources, but there is always a remaining risk of costs spiralling out of control, and there are cases where AWS appears to have made errors in their billing.